Solved

scareware

  • 3 October 2015

I'm running MS 7, IE11 and Google Chrome.  Yesterday, while using Google Chrome incognito, I experienced a pop-up window that seemed like it might be scareware.  It described some "suspicious activity at page 11449847918.rsc.cdn77.org trying to modify my OS" and instructions to call: "Microsoft Certified Technician at 888-992-0126" and for me to not touch "any of my internet windows or tabs; like explorer, google, etc. and to not shut down or reboot my pc". I did not call the number; instead I x'd out of IE tabs and window, but I could not x out of the "scareware" window - it just kept popping back up and I could not x out of Google Chrome.  I hit "alt-ctl-del" and forced Chrome to close.   I restarted the pc and ran a scan with Webroot; and it reported no detections of unusual files. 
 
What is this "suspicious activity window" and how do I use Webroot to make sure the "suspicious activity pop-up" left nothing behind on my PC and did not change any of my OS settings?

Best answer by Baldrick 3 October 2015, 14:55


Userlevel 7
Hi LeslieS
 
Welcome to the Community Forums.
 
THIS IS A SCAM!!  Neither Microsoft nor any other company sends emails, pop ups, or phone calls of any kind advising that you may have a problem.
 
If you clicked any links, allowed them to remote into your computer, or went to any web sites please Submit a Support Ticket ASAP.  (Now would be a good idea....)
 
If you would like more information, read on (after submitting that Support Ticket.....):
 
NEWS ARTICLE: Tech Support Scams are on the rise.
 
Microsoft never issues this type of warning or email or anything of the sort!  Please see the following link for Microsoft's official word on this:
 
http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx
 
"Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.
 
Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you're using.
 
Once they've gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable."
 
Also see Avoid scams that use the Microsoft name fraudulently
 
http://www.microsoft.com/security/online-privacy/msname.aspx
 
For more information, here is what the United States Federal Trade Commission has to say on the subject:
 
http://www.consumer.ftc.gov/articles/0346-tech-support-scams
 
"In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.
 
These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money."
 
This scam is common and has been around for quite a while.  Here is a good Webroot Blog article from April 2013 by Threat Researcher Roy Tobin.
 
http://www.webroot.com/blog/2013/04/30/fake-microsoft-security-scam/
 
I hope that the above is of assistance but please feel free to ask further questions if necessary AND should the popup window manifest itself again then also please post back so we can advise further on that too.
 
Regards, Baldrick

Hi Baldrick:
 
Thank you for your quick response.  I clicked on no links, I did not call the number, I did not receive any pop-up to allow "someone" to access my PC in order to "help" me, I performed no downloads. 
 
I did start a second PC to try and research the "page identified" and the "phone number" but I failed to find much information to help me that way.
 
So I opted to close all apps on the pc with the suspicious activity message in the pop-up window and to restart it.
 
From your reply, it sounds like I took the appropriate action and most likely have no residual unwanted impact.
 
Is this a correct assumption?
 
P.S.  Thank you for your warm welcome to the Community!!
Userlevel 7
Hi LeslieS
 
You are most welcome...re. the welcome. :D
 
Yes, from what you describe as to your actions you "...took the appropriate action and most likely have no residual unwanted impact."
 
Keep an eye out as to the possible popping of the window again or anything that appears unusual such as searches not working properly or websites not being displayed properly, etc. I do not want to scare you but just make you aware that sometimes these scams are associated with PUAs or Potential Unwanted Applications on one's system. These can inadvertently get downloaded by users as they are often bundled with legitimate app downloads, etc., and in some cases then perpetrate the sort of scam you have raised in your post.
 
WSA does detect PUAs but not all; the whole area of what is a PUA and what is not is a moot point which I will not go into here unless we need to...but hopefully not. Just keep a weather eye open and if you spot nothing untoward over the next 24 hours I would say that all is well.
 
Regards, Baldrick
 
 
 
I had a similar experience today 10/3/2015. I am still using MS Vista with IE9.
 
I used "alt-ctl-del" to use the task manager to shutdown the applications.
 
I just wanted to reply to this, so people could see that this same pop-up has happened on other Microsoft operating systems.
 
I was using IE9, I had just opened the explorer, it was starting up a bit slow.  I saw a balloon message at the bottom of the Vista menu bar that I needed to log back into Google Chrome, then a new IE window came up with a blue screen, and information I felt was bogus, then came the suspicious activity window pop-up. Then I closed it all using the ctl-alt-del.
Userlevel 7
Hi toad69
 
Welcome to the Community Forums...and thanks for sharing. :D
 
As I said previously, if you have run a scan of your system with WSA and nothing has come up then you should proceed as normal but do keep an eye open for any odd behaviour such as further pop-up windows, especially if they are not in browser, any searches that do not seem to go normally, etc. If you notice nothing over the next 24 hour period then all should be well, but if you do notice something then please gather details and post back here so we can assist you in determining the cause.
 
Regards, Baldrick

I received the same message and behavior from Google Chrome on Mac OSX 10.7. Except that the message told me to contact my ISP instead of Microsoft. 
 
And now when I run Chrome there is weird graphics behavior in the Chrome window, text disappearing when the mouse goes over it and reappearing later, and the appearance of garbled video signals which seem to be contained in the browser window.